add reporter for v2

Author: viveksahu26

pkg/engine/score.go

@@ -29,8 +29,12 @@ import (
 	"github.com/interlynk-io/sbomqs/pkg/compliance/common"
 	"github.com/interlynk-io/sbomqs/pkg/logger"
 	"github.com/interlynk-io/sbomqs/pkg/reporter"
+	v2 "github.com/interlynk-io/sbomqs/pkg/reporter/v2"
 	"github.com/interlynk-io/sbomqs/pkg/sbom"
 	"github.com/interlynk-io/sbomqs/pkg/scorer"
+	"github.com/interlynk-io/sbomqs/pkg/scorer/v2/config"
+	score "github.com/interlynk-io/sbomqs/pkg/scorer/v2/score"
+
 	"github.com/spf13/afero"
 )
 
@@ -66,6 +70,9 @@ type Params struct {
 	Signature string
 	PublicKey string
 	Blob      string
+
+	Legacy   bool
+	Profiles []string
 }
 
 func Run(ctx context.Context, ep *Params) error {
@@ -77,7 +84,41 @@ func Run(ctx context.Context, ep *Params) error {
 		log.Fatal("path is required")
 	}
 
-	return handlePaths(ctx, ep)
+	if ep.Legacy {
+		return handlePaths(ctx, ep)
+	}
+
+	return scored(ctx, ep)
+}
+
+func scored(ctx context.Context, ep *Params) error {
+	cfg := config.Config{
+		Categories: ep.Categories,
+		Features:   ep.Features,
+		ConfigFile: ep.ConfigPath,
+		Profile:    ep.Profiles,
+	}
+
+	results, err := score.ScoreSBOM(ctx, cfg, ep.Path)
+	if err != nil {
+		return err
+	}
+
+	reportFormat := "detailed"
+	if ep.Basic {
+		reportFormat = "basic"
+	}
+
+	if ep.JSON {
+		reportFormat = "json"
+	}
+
+	nr := v2.NewReport(ctx, results, reportFormat)
+	nr.Report()
+
+	return nil
+
+	// print the score
 }
 
 func handleURL(path string) (string, string, error) {

pkg/reporter/v2/basic.go

@@ -0,0 +1,27 @@
+package v2
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/interlynk-io/sbomqs/pkg/sbom"
+)
+
+func (r *Reporter) basicReport() {
+	for _, r := range r.Results {
+		format := r.Meta.FileFormat
+		spec := r.Meta.Spec
+		version := r.Meta.SpecVersion
+
+		if spec == string(sbom.SBOMSpecSPDX) {
+			version = strings.Replace(version, "SPDX-", "", 1)
+		}
+
+		// if spec == string(sbom.SBOMSpecCDX) {
+		// 	spec = "cyclonedx"
+		// }
+
+		fmt.Printf("%0.1f\t%s\t%s\t%s\t%s\n", r.InterlynkScore, r.Grade, version, format, r.Meta.Filename)
+
+	}
+}

pkg/reporter/v2/detailed.go

@@ -0,0 +1,31 @@
+package v2
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/olekukonko/tablewriter"
+)
+
+func (r *Reporter) detailedReport() {
+	fmt.Println("DETAILED SCORE")
+	for _, r := range r.Results {
+		outDoc := [][]string{}
+		for _, cat := range r.Comprehensive.Categories {
+			for _, feat := range cat.Features {
+				l := []string{cat.Name, feat.Key, fmt.Sprintf("%.1f/10.0", feat.Score), feat.Desc}
+				outDoc = append(outDoc, l)
+			}
+		}
+
+		fmt.Printf("\n  SBOM Quality Score: %0.1f/10.0\t Grade: %s\tComponents: %d\t%s\t\n\n", r.InterlynkScore, r.Grade, r.Meta.NumComponents, r.Meta.Filename)
+
+		// Initialize tablewriter table with borders
+		table := tablewriter.NewWriter(os.Stdout)
+		table.SetHeader([]string{"Category", "Feature", "Score", "Desc"})
+		table.SetRowLine(true)
+		table.SetAutoMergeCellsByColumnIndex([]int{0})
+		table.AppendBulk(outDoc)
+		table.Render()
+	}
+}

pkg/reporter/v2/json.go

@@ -0,0 +1,106 @@
+package v2
+
+import (
+	"encoding/json"
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/interlynk-io/sbomqs/pkg/sbom"
+	"sigs.k8s.io/release-utils/version"
+)
+
+type score struct {
+	Category string  `json:"category"`
+	Feature  string  `json:"feature"`
+	Score    float64 `json:"score"`
+	Desc     string  `json:"description"`
+	Ignored  bool    `json:"ignored"`
+}
+
+type file struct {
+	Name           string   `json:"file_name"`
+	Spec           string   `json:"spec"`
+	SpecVersion    string   `json:"spec_version"`
+	Format         string   `json:"file_format"`
+	Grade          string   `json:"grade"`
+	InterlynkScore float64  `json:"interlynk_score"`
+	Components     int      `json:"num_components"`
+	CreationTime   string   `json:"creation_time"`
+	Scores         []*score `json:"scores"`
+}
+
+type creation struct {
+	Name          string `json:"name"`
+	Version       string `json:"version"`
+	ScoringEngine string `json:"scoring_engine_version"`
+	Vendor        string `json:"vendor"`
+}
+
+type jsonReport struct {
+	RunID        string   `json:"run_id"`
+	TimeStamp    string   `json:"timestamp"`
+	CreationInfo creation `json:"creation_info"`
+	Files        []file   `json:"files"`
+}
+
+func newJSONReport() *jsonReport {
+	return &jsonReport{
+		RunID:     uuid.New().String(),
+		TimeStamp: time.Now().UTC().Format(time.RFC3339),
+		CreationInfo: creation{
+			Name:    "sbomqs",
+			Version: version.GetVersionInfo().GitVersion,
+			// ScoringEngine: scorer.EngineVersion,
+			Vendor: "Interlynk (support@interlynk.io)",
+		},
+		Files: []file{},
+	}
+}
+
+func (r *Reporter) jsonReport() (string, error) {
+	fmt.Println("JSON SCORE")
+	jr := newJSONReport()
+
+	for _, r := range r.Results {
+		f := file{}
+		f.InterlynkScore = r.InterlynkScore
+		f.Grade = r.Grade
+		f.Components = r.Meta.NumComponents
+		f.Format = r.Meta.FileFormat
+		f.Name = r.Meta.Filename
+		f.Spec = r.Meta.Spec
+		f.CreationTime = r.Meta.CreationTime
+
+		if r.Meta.Spec == string(sbom.SBOMSpecSPDX) {
+			version := strings.Replace(r.Meta.SpecVersion, "SPDX-", "", 1)
+			f.SpecVersion = version
+		}
+
+		for _, cat := range r.Comprehensive.Categories {
+			for _, feat := range cat.Features {
+				ns := new(score)
+				ns.Category = cat.Name
+				ns.Feature = feat.Key
+				ns.Score = feat.Score
+				ns.Desc = feat.Desc
+				ns.Ignored = feat.Ignored
+				f.Scores = append(f.Scores, ns)
+			}
+		}
+
+		jr.Files = append(jr.Files, f)
+	}
+
+	o, err := json.MarshalIndent(jr, "", "  ")
+	if err != nil {
+		return "", err
+	}
+
+	if true {
+		fmt.Println(string(o))
+	}
+
+	return string(o), nil
+}

pkg/reporter/v2/profile.go

@@ -0,0 +1 @@
+package v2

pkg/reporter/v2/reporter.go

@@ -0,0 +1,47 @@
+package v2
+
+import (
+	"context"
+
+	"github.com/interlynk-io/sbomqs/pkg/scorer/v2/api"
+)
+
+type ReportFormat string
+
+var (
+	REPORT_BASIC    ReportFormat = "basic"
+	REPORT_JSON     ReportFormat = "json"
+	REPORT_DETAILED ReportFormat = "detailed"
+)
+
+type Reporter struct {
+	Ctx     context.Context
+	Results []api.Result
+	Format  ReportFormat
+}
+
+func NewReport(ctx context.Context, results []api.Result, rFormat string) *Reporter {
+	report := &Reporter{
+		Ctx:     ctx,
+		Results: results,
+		Format:  ReportFormat(rFormat),
+	}
+
+	return report
+}
+
+func (r *Reporter) Report() {
+	switch r.Format {
+	case REPORT_BASIC:
+		// basic report
+		r.basicReport()
+
+	case REPORT_JSON:
+		// json report
+		r.jsonReport()
+
+	case REPORT_DETAILED:
+		r.detailedReport()
+
+	}
+}

pkg/scorer/v2/api/result.go

@@ -21,7 +21,10 @@ import (
 
 // Result represents result of an SBOM
 type Result struct {
-	Meta SBOMMeta
+	Doc            sbom.Document
+	Meta           SBOMMeta
+	InterlynkScore float64
+	Grade          string
 
 	Comprehensive *ComprehensiveResult
 	Profiles      []ProfileResult
@@ -39,9 +42,7 @@ type SBOMMeta struct {
 
 // Comprehensive (quality) scoring
 type ComprehensiveResult struct {
-	InterlynkScore float64
-	Grade          string
-	Categories     []CategoryResult
+	Categories []CategoryResult
 }
 
 // Category result
@@ -54,6 +55,7 @@ type CategoryResult struct {
 
 // feature result
 type FeatureResult struct {
+	Name    string
 	Key     string
 	Weight  float64 // feature weight
 	Score   float64
@@ -101,6 +103,19 @@ func NewProfFeatResult(pFeat catalog.ProfFeatSpec) ProfileFeatureResult {
 	}
 }
 
+func NewComprFeatResult(comprFeat catalog.ComprFeatSpec) FeatureResult {
+	return FeatureResult{
+		Name:   comprFeat.Name,
+		Key:    string(comprFeat.Key),
+		Score:  0.0,
+		Weight: comprFeat.Weight,
+	}
+}
+
+func NewComprResult() ComprehensiveResult {
+	return ComprehensiveResult{}
+}
+
 func NewCategoryResultFromSpec(cat catalog.ComprCatSpec) CategoryResult {
 	return CategoryResult{
 		Name:   cat.Name,

pkg/scorer/v2/catalog/catalog.go

@@ -80,14 +80,8 @@ func (c *Catalog) ResolveProfileAlias(s string) (ProfileKey, bool) {
 	return k, ok
 }
 
-func (c *Catalog) BaseCategories() []ComprCatSpec {
-	out := make([]ComprCatSpec, 0, len(c.Order))
-	for _, k := range c.Order {
-		if spec, ok := c.ComprCategories[k]; ok {
-			out = append(out, spec)
-		}
-	}
-	return out
+func (c *Catalog) BaseCategoriesKeys() []ComprCatKey {
+	return c.Order
 }
 
 func (c *Catalog) BaseProfiles() []ProfSpec {

pkg/scorer/v2/catalog/catalog_test.go

@@ -0,0 +1,15 @@
+// Copyright 2025 Interlynk.io
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package catalog